There are four basic supported scenarios for Internet-based client management, and within these there are some supported variations:

Scenarios 1 and 2 are suitable if the Internet-based client management site supports only Internet-based clients on the Internet and does not need to also support clients on the intranet.

Scenarios 3 and 4 are suitable if the Internet-based client management site supports clients that are on the Internet and clients that are on the intranet.

Scenarios for Sites that Do Not Need to Also Manage Intranet Clients

If the Configuration Manager 2007 site only supports clients over the Internet, Scenarios 1 and 2 are applicable.

Note

When the site does not support clients on the intranet, the site should not be configured with a default management point.

Scenario 1: Configuration Manager site that doesn't support intranet clients and spans the perimeter network and intranet. All the Internet-based site systems are in the perimeter network, and accept connections for clients connecting over the Internet. The site server is in the intranet.

There are two variations of this scenario:

The management point that supports Internet-based clients communicates directly with the SQL server in the intranet.

Scenarios for Sites that Manages Clients on the Internet and the Intranet

If the Configuration Manager 2007 site needs to support clients on the Internet and support clients on the intranet, Scenarios 3 and 4 are applicable.

Scenario 3: Configuration Manager site that supports both Internet clients and intranet clients and spans the perimeter network and intranet. All the Internet-based site systems are in the perimeter network and accept connections for clients connecting over the Internet. There is a second management point (and second software update point and fallback status point, and additional distribution points) and other site systems that are in the intranet for clients connecting on the intranet.

There are two variations of this scenario:

The management point that supports Internet-based clients communicates directly with the SQL server in the intranet.

Scenario 4: Configuration Manager site that supports both Internet clients and intranet clients and bridges the perimeter network and intranet. The single management point is both the site's default management point and the Internet-based client management point.

There are three variations of this scenario:

The Configuration Manager 2007 site bridges the perimeter network and intranet by having two network cards in the site systems that support Internet-based client management.

The Configuration Manager 2007 site is contained on the intranet, and the site systems that are configured for Internet-based client management can accept both Internet connections and intranet connections. This solution requires a reverse proxy solution (for example, using Microsoft ISA Server) to publish the Internet-based site systems on the intranet to the Internet.

The Configuration Manager 2007 site bridges the perimeter network and intranet with the Internet-based site systems in the perimeter network, and it is configured to accept both Internet connections and intranet connections. The site server is in the intranet. This solution requires that the intranet FQDN of the Internet-based site systems are registered in the intranet DNS servers with the public IP addresses of the servers in the perimeter network.